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REMARKS 

In the non-final Office Action, the Examiner rejects claims 1,19, and 34 under 35 
U.S.C. § 112, second paragraph; and rejects claims 1, 2, 4-28, 34, 35, 37-42, and 44-50 
under 35 U.S.C. § 103(a) as allegedly unpatentable over WEBB et al. (U.S. Patent 
Application Publication No. 2002/0083342) in view of JARDIN (U.S. Patent No. 
6,681,327). Applicants respectfully traverse these rejections. 

By the present amendment, Applicants cancel claim 4 without prejudice or 
diclaimser and amend claims 1,19, 34, and 44 to improve form. No new matter has 
been added by way of the present amendments. Claims 1 , 2, 4-28, 34, 35, 37-42, and 44- 
50 are pending. 

Rejection under 35 U.S.C. § 112, second paragraph 

Claims 1, 19, and 34 stand rejected under 35 U.S.C. § 1 12, second paragraph, 
because there is allegedly insufficient antecedent basis for the feature "server, that is 
separate and distinct." Without acquiescing in the Examiner's rejection, but merely to 
expedite prosecution, Applicants amend claims 1,19, and 34, in the manner suggested by 
the Examiner. As such, withdrawal of the rejection of claims 1,19, and 34 under 35 
U.S.C. § 112, second paragraph, is respectfully requested. 

Rejection under 35 U.S.C. § 103(a) based on WEBB et al. and JARDIN 
Claims 1, 2, 4-28, 34, 35, 37-42, and 44-50 stand rejected under 35 U.S.C. § 
102(a) based on WEBB et al. and JARDIN. Applicants respectfully traverse this 
rejection. 

Amended independent claim 1 recites a method for accessing resources on a 
private network via an intermediary server. The method includes receiving a login 
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request from a user for access to the intermediary server, the intermediary server storing 

an authentication identifier for each of a plurality of users, the authentication identifier 

identifying an authentication server; accessing, based on the authentication identifier, an 

authentication server, where the authentication server is separate and distinct from the 

intermediary server, to authenticate the user in response to the login request; receiving a 

resource request from the authenticated user at the intermediary server, the resource 

request requesting a particular operation with respect to a resource from the private 

network; obtaining access privileges for the authenticated user in response to the resource 

request; determining whether the access privileges for the authenticated user permit the 

authenticated user to perform the particular operation at the private network; and 

preventing, by the intermediary server, performance of the particular operation at the 

private network if the access privileges for the authenticated user do not permit the 

authenticated user to perform the particular operation at the private network. WEBB et 

al. and JARDIN, whether taken alone or in any reasonable combination, do not disclose 

or suggest one or more of these features. 

For example, WEBB et al. and JARDIN do not disclose or suggest accessing, 

based on an authentication identifier, an authentication server, where the authentication 

server is separate and distinct from the intermediary server, to authenticate a user in 

response to a login request. The Examiner admits that WEBB et al. does not disclose or 

suggest that the authentication server is separate and distinct from the intermediary server 

and relies on Fig. 2; the summary; column 4, lines 35-38; and column 6, lines 4-8 of 

JARDIN as allegedly disclosing this feature of claim 1 (Office Action, pg. 4). Applicants 

respectfully disagree with the Examiner's interpretation of JARDIN. 
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At Fig. 2, JARDIN discloses a handshake operation that includes sending, by a 
broker, a server certificate to a client if the client desires authentication of the broker 
before communicating application data to the broker (column 5, lines 7-11). JARDIN 
further discloses that the broker is a proxy for an intended recipient server (column 4, 
lines 34-37). Therefore, the broker of JARDIN is an intermediary between a client and 
an intended recipient. Because the broker of JARDIN operates as an intermediary and an 
authenticator, JARDIN cannot disclose that the authentication server is separate and 
distinct from the intermediary server, as recited in claim 1 . 

In the Summary of the Invention section, at column 2, line 56 - column 3, line 22, 
JARDIN discloses a first server to decrypt contents of a data packet, received over a 
secure link of a computer network, and re-direct the data packet. This section of 
JARDIN further discloses a second server, in data communication with the first server, to 
accept the data packet from the first server and execute the data packet. This section of 
JARDIN does not disclose an authentication server. Therefore, this section of JARDIN 
cannot disclose or suggest that an authentication server is separate and distinct from an 
intermediary server, as recited in claim 1 . 

At column 4, lines 35-38, JARDIN discloses: 

When communication between the client 1 10 and broker 120 (which is a proxy 
for the intended recipient server 130) is desired, the client 110 initiates a 
"handshake" as specified by the communication protocol, e.g., TCP/IP. For 
example, the client 110 transmits a packet having a set SYN bit from the client 
110 to the broker 120. 

This section of JARDIN discloses that, when communication between a client and a 
broker, that is a proxy for an intended recipient server, is desired, the client initiates a 
"handshake" by sending a packet having a set SYN bit to the broker. Therefore, this 
section of JARDIN discloses that the broker acts as an intermediary between the client 
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and the intended recipient server. As noted above, JARDIN further discloses sending, by 

the broker, a server certificate to a client if the client desires authentication of the broker 

before communicating application data to the broker (column 5, lines 7-11). Therefore, 

JARDIN discloses that the broker acts as an intermediary and an authenticator. 

Assuming, for the sake of argument, that the broker of JARDIN can be construed as 

corresponding to the authentication server and the intermediary server of claim 1 (points 

with which Applicants do not agree), JARDIN cannot disclose or suggest that the broker 

is separate and distinct from the broker. Therefore, JARDIN does not disclose or suggest 

that an authentication server is separate and distinct from an intermediary server, as 

recited in claim 1 . 

At column 6, lines 4-8, JARDIN discloses: 

FIG. 3 is a flowchart describing the operation of the broker 120. After the client 
110 and broker 120 establish a SSL connection and commence exchanging 
application data, the broker 120 may selectively execute one of two embodiments 
of the data exchange between the broker 120 and the server 130a. 

This section of JARDIN discloses that, after the client and broker establish a connection 

and commence exchanging application data, the broker may selectively execute one of 

two embodiments of the data exchange between the broker and the server 130a. 

Therefore, this section of JARDIN discloses that the broker acts as an intermediary 

between the client and the server 130a. As noted above, JARDIN further discloses 

sending, by the broker, a server certificate to a client if the client desires authentication of 

the broker before communicating application data to the broker (column 5, lines 7-1 1). 

Therefore, JARDIN discloses that the broker acts as an intermediary and an 

authenticator. Assuming, for the sake of argument, that the broker of JARDIN can be 

construed as corresponding to the authentication server and the intermediary server of 
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claim 1 (points with which Applicants do not agree), JARDIN cannot disclose or suggest 

that the broker is separate and distinct from the broker. Therefore, JARDIN does not 

disclose or suggest that an authentication server is separate and distinct from an 

intermediary server, as recited in claim 1 . 

For at least the foregoing reasons, Applicants submit that claim 1 is patentable 
over WEBB et al. and JARDIN, whether taken alone or in any reasonable combination. 

Claims 2 and 5-18 depend from claim 1. Therefore, these claims are patentable 
over WEBB et al. and JARDIN, whether taken alone or in any reasonable combination, 
for at least the reasons given above with respect to claim 1 . 

Independent claims 19, 34, and 44 recite features similar to (yet possibly of 
different scope than) features recited above with respect to claim 1 . Therefore, 
Applicants submit that claims 19, 34, and 44 are patentable over WEBB et al. and 
JARDIN, whether taken alone or in any reasonable combination, for at least reasons 
similar to reasons given above with respect to claim 1 . 

Claims 20-28 depend from claim 19. Therefore, these claims are patentable over 
WEBB et al. and JARDIN, whether taken alone or in any reasonable combination, for at 
least the reasons given above with respect to claim 19. 

Claims 35-42 depend from claim 34. Therefore, these claims are patentable over 
WEBB et al. and JARDIN, whether taken alone or in any reasonable combination, for at 
least the reasons given above with respect to claim 34. 

Claims 45-50 depend from claim 44. Therefore, these claims are patentable over 
WEBB et al. and JARDIN, whether taken alone or in any reasonable combination, for at 
least the reasons given above with respect to claim 44. 
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Accordingly, Applicants respectfully request reconsideration and withdrawal of 

the rejection of claims 1, 2, 4-28, 34, 35, 37-42, and 44-50 under 35 U.S.C. § 103(a) 

based on WEBB et al. and JARDIN. 

CONCLUSION 

In view of the foregoing amendments and remarks, Applicants respectfully 
request the reconsideration and allowance of the present application. 

As Applicants' remarks with respect to the Examiner's rejections overcome the 
rejections, Applicants' silence as to certain assertions by the Examiner in the Office 
Action or certain requirements that may be applicable to such assertions (e.g., whether a 
reference constitutes prior art, reasons to modify and/or combine the references, 
assertions as to dependent claims, etc.) is not a concession by Applicants that such 
assertions are accurate or that such requirements have been met, and Applicants reserve 
the right to dispute these assertions/requirements in the future. 
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To the extent necessary, a petition for an extension of time under 37 C.F.R. § 

1 . 136 is hereby made. Please charge any shortage in fees due in connection with the 

filing of this paper, including extension of time fees, to Deposit Account No. 50-1070 

and please credit any excess fees to such deposit account. 



Respectfully submitted, 

Harrity & Harrity, LLP 

By: /Meagan S. Walling, Reg. No. 60.112/ 
Meagan S. Walling 
Registration No. 60,112 

Date: December 22, 2009 
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Fairfax, Virginia 22030 
(571)432-0800 
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